Radiant Logic Recognized as a Representative Vendor in 2023 Gartner Market Guide for Identity Governance and Administration

Posted in Commentary on August 3, 2023 by itnerd

Radiant Logic, the Identity Data Fabric company, today announces its inclusion as a Representative Vendor in the recently released Gartner Market Guide for Identity Governance and Administration (IGA). Together with its expertise in complex identity environments, and its recent acquisition of Brainwave GRC’s advanced identity analytics capabilities, Radiant Logic is uniquely positioned as an operationally mature IGA solution.  

Designed to help security and risk management leaders understand IGA capabilities and future trends when making decisions for their organization, the Gartner Market Guide for Identity Governance and Administration recommends leaders “choose IGA solutions which align with identity-first security principles that apply context, continuity and consistency to manage identity sprawl.” 

Radiant Logic’s identity-first approach unifies information from disparate sources across legacy and cloud infrastructures to stop identity sprawl and create an authoritative data pipeline that drives: Zero Trust Architecture; merger and acquisition integrations or divestitures; cloud migration initiatives; workforce and customer identity and access management; directory modernization efforts; and more. 

With the acquisition of Brainwave GRC, and powered by years of expertise in data delivery, RadiantOne now delivers advanced analytics and insights into real-time user behavior within an enterprise environment, transforming how organizations detect and prevent cyberattacks, fraudulent activity, lateral movement from insider threats, and more. 

Gartner states: “By 2026, the analytics functionality in IGA tools will advance, and those organizations that have fully adopted and implemented AI/ML-based IGA analytics will see their access administration and governance costs 50% lower than their peers.” The report also recommends that SRM leaders “Accelerate the realization of business value from IGA investments by selecting IGA solutions with strong IGA analytics capabilities, implementing these capabilities, and measuring outcomes using outcome-driven metrics.” 

Radiant Logic’s analytics-driven governance capabilities leverage RadiantOne’s expertise in accessing and managing identity data for admin and access decisions. With the integration of Brainwave GRC, Radiant Logic offers advanced controls to ensure policies conform to Segregation of Duties and Zero Trust principles. Only Radiant Logic combines the best of full-suite IGA with the ease-of-use of IGA light, making it the solution for IGA that works.

Hot Topic Has Been Pwned In A Credential Stuffing Attack

Posted in Commentary on August 3, 2023 by itnerd

American retailer Hot Topic reports being hit by repeated credential stuffing attacks that used valid credentials. The attacks were automated and repeated over a four-month period. “Following a careful investigation, we determined that unauthorized parties launched automated attacks against our website and mobile application on February 7, March 11, May 19-21, May 27-28, and June 18-21, 2023, using valid account credentials obtained from an unknown third-party source.”

Hot Topic is an American retail chain specializing in counterculture-related clothing and accessories, as well as licensed music. With 690 stores across the US, 10,000 associates and millions of online and in-store customers, the exposed threat landscape is huge.

In the breach notification the company explained that hackers used customers’ stolen account credentials to access their Rewards accounts multiple times. The company said they were not the source of the stolen credentials and still have no idea where the credentials came from.

The company did say that they have taken “specific steps to safeguard our website and mobile application from” credential-stuffing attacks. Because the company was unable to discern between unauthorized and legitimate logins, they would be notifying all customers that had their accounts accessed during the cyberattacks of potential abuse of their credentials.

The information possibly exposed includes:

  • Full name
  • Email address
  • Order history
  • Phone number
  • Date of birth
  • Shipping address
  • Last four digits of saved payment cards

Ted Miracco, CEO, Approov Mobile Security had this comment:  

“Mobile apps for retailers must take the same specific steps to safeguard their website as fintech and healthcare companies, as they are also in possession of valuable client data and vulnerable to automated “credential stuffing” attacks. This includes deploying bot protection software designed to stop such attacks.  

“While Hot Topic stated that they have been working with outside cybersecurity experts, it is not clear why they did not implement mobile app attestation specifically? Mobile app attestation is a very inexpensive security measure that ensures only authentic apps access a backend service, stopping bots, and tampered or repackaged apps. This is an attack where known solutions existed, and it is inexcusable that more precautions were not taken by the management team at Hot Topic.”

Carol Volk, EVP, BullWall follows up with this:  

“Retailers are in a tough spot when it comes to preventing credential stuffing attacks. For starters, as we see here, there is no such thing as a “strong password”, because hackers are not trying to guess our passwords, but leveraging stolen passwords. Whether your password is ‘1234’ or an 18 character string with numbers and symbols, the bad guys already have it. The best way to safeguard against the use of compromised credentials is to require MFA. Unfortunately, retailers know that customers will not tolerate the friction of MFA just to order a t-shirt, a pizza or a movie ticket, so we remain at risk.”

Emily Phelps, Director, Cyware:  

Strong security hygiene is critical to defend against credential stuffing. Consider the following recommendations:

  1. Use multifactor authentication (MFA) whenever available, to enable added layers of security.
  2. Strong passwords or passphrases that are long enough to make it difficult for an adversary’s tools to figure out.
  3. Use a password manager with encryption to safely store and maintain unique, long passwords.
  4. Limit the number of login attempts from a single IP address within a specified time frame.
  5. Adopt AI/ML technologies that are designed to recognize and block credential stuffing attempts by identifying abnormal behavior patterns.
  6. Consider biometric alternatives.

Hopefully there’s an accounting of what was actually exposed rather than what was potentially exposed. And that accounting happens soon. That way victims of this hack can take the required steps to protect themselves.
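An added example, not taken from Hot Topic's notice or from the commenters: a sketch of the per-IP attempt limit from recommendation 4, extended to also count how many distinct accounts one source touches, since logins made with valid stolen credentials succeed and never show up in a failed-login count. The thresholds, class name, log format and sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


class LoginThrottle:
    """Sliding window per source IP over ALL login attempts, successful or not."""

    def __init__(self, window=timedelta(minutes=5), max_attempts=5, max_accounts=3):
        # Assumed thresholds; tune against real traffic (shared NAT, kiosks, etc.).
        self.window = window
        self.max_attempts = max_attempts
        self.max_accounts = max_accounts
        self._seen = defaultdict(deque)  # ip -> deque of (timestamp, username)

    def check(self, ip, username, ts):
        """Record one attempt and return 'allow', 'rate' or 'account-spread'."""
        q = self._seen[ip]
        # Drop attempts that have aged out of the window.
        while q and ts - q[0][0] >= self.window:
            q.popleft()
        q.append((ts, username.lower()))
        # One source walking through many accounts is the stuffing signature.
        if len({user for _, user in q}) > self.max_accounts:
            return "account-spread"
        # Plain volume limit, as in recommendation 4.
        if len(q) > self.max_attempts:
            return "rate"
        return "allow"


# Constructed sample log: timestamp, source IP, account, outcome.
# Addresses come from the documentation ranges; nothing here is real data.
SAMPLE_LOG = """\
2023-01-01T02:14:01 203.0.113.7 user01@example.com OK
2023-01-01T02:14:03 203.0.113.7 user02@example.com FAIL
2023-01-01T02:14:05 203.0.113.7 user03@example.com OK
2023-01-01T02:14:07 203.0.113.7 user04@example.com OK
2023-01-01T02:14:09 203.0.113.7 user05@example.com OK
2023-01-01T02:15:30 198.51.100.20 fan@example.com FAIL
2023-01-01T02:15:41 198.51.100.20 fan@example.com OK
2023-01-01T02:21:00 198.51.100.20 fan@example.com OK
"""


def replay(log_text, throttle=None):
    """Run log lines through the throttle; return {ip: [(user, outcome, verdict)]}."""
    throttle = throttle or LoginThrottle()
    flagged = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, ip, user, outcome = line.split()
        verdict = throttle.check(ip, user, datetime.fromisoformat(stamp))
        if verdict != "allow":
            flagged[ip].append((user, outcome, verdict))
    return dict(flagged)


if __name__ == "__main__":
    for ip, hits in replay(SAMPLE_LOG).items():
        for user, outcome, verdict in hits:
            print(f"{ip} {user} outcome={outcome} verdict={verdict}")
```

In the sample, the flagged attempts all have outcome `OK`: a control keyed only on failed logins would have let them through, while the returning customer who mistyped a password once is never flagged.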

The Chattanooga Heart Institute Pwned… 170K Patients Affected

Posted in Commentary on August 3, 2023 by itnerd

The Chattanooga Heart Institute is notifying more than 170,000 patients that hackers may have stolen their personal and medical information in a cyberattack detected in April. The breach was claimed by the Karakurt cybercrime group a month later.

In its breach notice, the clinic said that a forensics investigation into the incident had determined that hackers had access to its network between March 8th and March 16th, and that on May 31 it learned that the hackers had obtained files from its systems containing copies of confidential patient information. While medical information was among the data affected, the incident did not involve data directly from the clinic’s electronic medical record system.

The investigation is still ongoing, but the information identified as being compromised includes:

  • Name
  • Mailing address
  • Email address
  • Phone number
  • Birthdate
  • Driver’s license number
  • Social Security number
  • Account information
  • Health insurance information
  • Diagnosis, medical condition
  • Lab results
  • Medications
  • Other clinical, demographic or financial information

Over the coming weeks as the review of each file is completed, the clinic will be sending out notification letters to those individuals whose data may have been involved.

Carol Volk, EVP, BullWall (she/her):

“Attackers will always find a way into the network. There is no set of preventative security tools that can prevent 100% of the attacks. While a strict defensive approach is worthwhile and critical, organizations would be wise to shift some of their effort to containing attacks once the perimeter has been breached. Encryption and exfiltration activities can be spotted and stopped, preventing a bad day from becoming a horrible day. A full cyber defense stack must prepare for this.”

This is a pretty bad hack as all the info that was obtained can lead to identity theft. Hopefully a full accounting of what happened and what will be done to protect the 170,000 patients who are affected by this will be disclosed.

An ISP Named Cloudzy Is Discovered To Be Supporting Cybercrime

Posted in Commentary on August 3, 2023 by itnerd

In a new report, researchers at Halcyon detail an ISP with a legal US business profile, identified as Cloudzy, that is facilitating ransomware attacks and state-sponsored APT operations by providing C2P services to more than 20 hacking groups, including ransomware operators, spyware vendors, and state-sponsored APT actors.

Cloudzy does not verify customer identities and accepts anonymous crypto payments, and, despite terms and conditions prohibiting the use of its services for illicit activities, more than half of the servers hosted by Cloudzy appear to directly support malicious activities on infrastructure run from the IP space owned by other ISPs.

The company is registered in the US, but really only exists on paper, with its ‘employees’ being those of the hosting firm abrNOC in Tehran. Furthermore, Halcyon discovered infrastructure associated with hacking groups tied to the Chinese, Iranian, Indian, North Korean, Pakistani, Russian, and Vietnamese governments, with the sanctioned Israeli spyware vendor Candiru, and with other cybercrime and ransomware groups.

“While these C2P entities are ostensibly legitimate businesses that may or may not know that their platforms are being abused for attack campaigns, they nonetheless provide a key pillar of the larger attack apparatus leveraged by some of the most advanced threat actors,” said Halcyon on their blog.

Carol Volk, EVP, BullWall had this comment:

“Ransomware actors are knowingly or unknowingly supported by ISPs and crypto networks. They are a profitable and growing business model and all we can do is be prepared for the coming attack.  

“In the near term, AI automation will initially accelerate the ransomware problem, while companies and researchers continue to improve upon methods of applying automation and AI approaches to their cyber defenses. Research by IBM found that fully 64% of respondents are already using AI to improve cyber defenses and response times, and 29% are evaluating implementation to improve their cyber defenses. AI will continue to improve the ability to identify network breaches and implement containment strategies, stopping the attacks before they can remove or encrypt data.”

Willy Leichter, VP, Cyware follows up with this:  

“This is another example of the well-developed hacking-as-a-service industry, and the limitations of blocking traffic based on location. While this is thinly veiled, there is certainly a lot of infrastructure in the US and other countries being controlled by illegal hacking groups. We need to always have a zero-trust mindset – don’t assume anything is safe because it’s from a reputable location.”

I have to admit that this is pretty crafty and a great way for these threat actors to get to victims. I wonder how many other setups like these exist? It would be in our interest to find out quickly.

Guest Post: Internet users are estimated to reach 6 billion in the next 5 years

Posted in Commentary on August 3, 2023 by itnerd

The internet has become an indispensable part of our lives, transforming how we communicate and access information. As we look ahead, the internet’s influence is set to surge even further.

According to estimations by the Atlas VPN team, the number of internet users is projected to surpass 6 billion within the next five years.

As of 2023, there are approximately 5.16 billion internet users globally, accounting for 64.4% of the world’s population. By 2028, this number is expected to rise by nearly a fifth (19%) and reach 6.13 billion. 

These estimations are based on historic internet user data provided by DataReportal.

Internet user numbers and penetration rates vary widely around the globe. Developed countries typically boast internet penetration rates of over 80%, while those with less advanced cyberspace can hover below 50%. Surprisingly, the top 20 countries alone account for a staggering 3.67 billion internet users, representing 71% of the world’s total. 

China currently leads the world in terms of the largest internet user population, with 1.05 billion users, comprising over 20% of the total global internet users. Overall, 73.7% of China’s population has internet access.

India, the second most populous country as of January 2023, holds the second spot on the list with 692 million internet users. However, only about 48.7% of India’s population has internet access, ranking it below the world’s average. In fact, India has the highest number of unconnected people worldwide, with over 730 million individuals lacking internet access.

Next on the list is the United States (US), with 311.3 million internet users, which translates to approximately 91.8% of its population having internet access.

The US is followed by Indonesia and Brazil, with 212.9 million and 181.8 million internet users, respectively. 77% of Indonesia’s population has internet access, while Brazil’s rate is slightly higher at 84.3%. Brazilians also rank second in terms of time spent online.

Other countries in the top ten include Russia (127.6 million), Nigeria (122.5 million), Japan (102.5 million), Mexico (100.6 million), and the Philippines (85.16 million).

The digital future

As the number of internet users continues to climb steadily and technology evolves exponentially, the digital landscape is poised for profound transformations, ushering in new opportunities and challenges that will shape the future of our interconnected world.

As the number of internet users grows, so do the risks associated with data privacy and cybersecurity. Cyber threats, data breaches, and identity theft are increasingly prevalent in a hyper-connected world. 

Not surprisingly, most Americans regard cyberterrorism as the most pressing danger to the United States, according to a Gallup poll on world affairs.

To read the full article, head over to: https://atlasvpn.com/blog/internet-users-are-estimated-to-reach-6-billion-in-the-next-5-years

TELUS launches HomePro

Posted in Commentary on August 2, 2023 by itnerd

TELUS is making it easier for Canadians to navigate the complexity of installing and managing multiple smart home products with the launch of HomePro, a new à la carte and subscription service offering customers access to in-person and 24/7 online tech experts to support nearly every connected device in their home. TELUS has partnered with tech-care industry leader Asurion to provide customers with device protection coverage and online support for everything from device setup, installation, troubleshooting and more. In addition to personalized support, HomePro also includes a monthly membership to Amazon Prime at no cost (valued at $9.99 per month), courtesy of TELUS.

HomePro offers two monthly subscription plans and in-person à la carte services: 

  • HomePro Starter plan: for $15 per month, customers get 24/7 virtual (chat or phone) access to expert technical support and set up for almost any device in the home, plus access to an Amazon Prime membership. This means that customers can connect with tech experts any time for personalized support, including set up of the latest electronics purchased in Amazon or elsewhere. HomePro Starter is now available across Canada, excluding Quebec.
  • HomePro Plus plan: for $25 per month, customers will receive all the benefits of HomePro Starter, including access to an Amazon Prime membership, plus device protection coverage on almost every device in their home — regardless of where or when it was purchased. For an additional $10 to the monthly cost of HomePro Starter, customers can enjoy peace of mind knowing their tech is better protected against unexpected issues. HomePro Plus will be rolling out across Canada in the coming months. 
  • In-person à la carte services are available for customers needing expert tech installations and setup of almost any device – from mounting a TV, to setting up Wi-Fi, to configuring a smart thermostat – without requiring a subscription. HomePro in-person services are currently available exclusively in Calgary with plans to bring these services to more Canadian provinces in the coming months.

From fast, free delivery for millions of items to accessing a vast library of streaming entertainment, Amazon Prime gives HomePro members the ability to enjoy the exclusive features and services offered with a Prime membership — including Prime Video, Prime Delivery, Amazon Music Prime, Prime Gaming, Prime Reading, and Amazon Photos, among others. Customers with an existing Prime membership can simply link their subscription billing over to their MyTELUS account and have their monthly Prime membership included within their HomePro subscription — with no changes to their Amazon Prime account preferences, viewing history or profile.

HomePro is available to all customers regardless of whether they have current TELUS services.
For more information about HomePro and to become a member, visit telus.com/homepro

New LinkedIn data shares 31.7% of Canadian job seekers in Toronto, Ont. are the most likely to apply for hybrid work positions

Posted in Commentary on August 2, 2023 by itnerd

A recent study conducted by LinkedIn’s Economic Graph research team unveils job seekers’ preferences in the Greater Toronto Area for remote and hybrid work. According to the data, Torontonians display the lowest interest in applying for fully remote positions among major metropolitan areas. However, despite their reluctance for fully remote roles, Torontonians lead the way in Canada’s big metro areas in applying for hybrid work opportunities. Key findings from the report include:

  • 28.5% of job applications from Toronto are interested in fully remote positions. 
  • Although Torontonians show less enthusiasm for fully remote positions, 31.7% of job applications from Toronto were interested in positions that involve a combination of remote and in-office work. 

 The findings are based on an analysis of more than 12 million remote job applications on LinkedIn from May 2022 to May 2023.  If you’d like to learn more you can read the report in full here

Methodology 

LinkedIn analyzed more than 12 million and 11 million applications to paid remote and hybrid job postings in Canada, respectively, between May 2022 and 2023. To be included, postings either were explicitly labeled as “remote” or “hybrid,” or contained keywords such as “work from home.” Only metros with a 12-month average population of 100,000 or more LinkedIn members were included as large metros.

BlackFog State of Ransomware Report For July 2023 Is Out

Posted in Commentary on August 2, 2023 by itnerd

BlackFog today released the State of Ransomware Report for July 2023. BlackFog releases this monthly report containing pertinent information regarding both publicly and non-publicly disclosed cyber attacks. The report also includes statistics on the most attacked countries and industries, as well as prevalent threat groups and attack methods.

 Dr. Darren Williams, CEO and Founder, BlackFog, has also provided commentary on July’s ransomware trends and statistics:    

“This month we continue to see a large volume of attacks, culminating in the highest July in 4 years, with 38 publicly disclosed and 390 undisclosed attacks. This represents a 10-fold difference between unreported versus reported attacks, as we continue to see the effects of the MOVEit exploit.

The most notable change saw healthcare overtake education as the most targeted sector, with a 29% increase in attacks. Education came a close second with 56 reported attacks, while the Government saw a 19% increase from last month. Other sectors remained largely unchanged.

BlackCat and LockBit remain the two dominant variants with 18.4% and 16.8% respectively. As we predicted last month, we saw CLOP overtake BlackCat in the number of unreported attacks due to the MOVEit exploit. We expect this to continue in the coming months as the full extent of this exploitation is realized.

Lastly, exfiltration continues to be the primary weapon of choice for attacks. Leveraging data for extortion contributes to this quarter’s all-time record, with an average payout of US$740,144. China continues to be the main destination for data loss at 41% with Russia at 9%.”

The full report is linked here: https://privacy.blackfog.com/wp-content/uploads/2023/08/BlackFogRansomwareReport-Jul-2023.pdf

New Research Finds BEC Attacks Increased by 55% 1H 2023 & Third Party App Integration in Email Saw 128% increase

Posted in Commentary on August 2, 2023 by itnerd

Abnormal Security has released the company’s 1H 2023 report, revealing how email attacks have increased in both sophistication and volume since the start of the year.

  • BEC attacks increased by 55% over the previous six months, and nearly half (48%) of all organizations received at least one VEC attack during that same time frame.
  • There is a 90%+ chance of receiving at least one BEC attack and a 76% chance of receiving at least one VEC attack each week for organizations with 5,000+ mailboxes.
  • Abnormal’s research showed that the average organization integrates 379 third-party apps with email—a 128% increase since 2020. And for large enterprises with 30,000+ employees, the number of integrated third-party apps shoots up to 3,973, on average.

Here is the report for your reading pleasure:  https://abnormalsecurity.com/about/news/h2-2023-threat-report

Cyber Expert Jason Keirstead Joins Cyware as VP of Collective Threat Defense

Posted in Commentary on August 2, 2023 by itnerd

Cyware, leading provider of threat intelligence management, security collaboration, and cyber fusion solutions, today announced that security expert and industry leader Jason Keirstead has been appointed Vice President of Collective Threat Defense.  

Keirstead is a distinguished cybersecurity authority with more than 20 years of industry experience – 13 of which he spent at IBM, leading the technical direction of an extensive portfolio of software and security products.  

Keirstead is also co-chair of the Open Cybersecurity Alliance, where he is driven to create straightforward, intuitive solutions that effectively address complex security challenges. This, along with his passion for shaping the future of cybersecurity standards, makes Keirstead an ideal fit for Cyware and this role.

Jason Keirstead will be an instrumental leader at Cyware, guiding the expansion of our solutions and playing a critical role in building our strategic roadmap. His industry expertise is both broad and deep when it comes to building security architecture, understanding threat trends and ecosystems, and connecting the dots between disparate tools, teams, and tactics.